On Mon, 5 Oct 2015 14:20:41 +0300 Stas Sergeev <stsp@xxxxxxx> wrote:

> 05.10.2015 12:47, Andrew Bird wrote:
> > Mmm, that thread is full of the same old rhetoric (i.e. it must be a risk as no one can be bothered/has time to check it and users
> > must be prevented from hurting themselves even if they've already jumped through hoops to enable mm.vm_addr=0, which is a known security
> > risk, so that dosemu can function with cpuemu=off). I do fail to see why the default can't have the vm86() syscall compiled in, but
> > disabled by default at run time.
> As Felix pointed, this is exactly what happens.
> But really, having never delivering dosemu, keeping vm86
> ON is pretty useless for them, so I won't bet on this to
> stay forever. But now as it can be disabled at run-time -
> the chances are big they'll no longer re-visit this subject
> and leave it as is.
> Note that AFAIK dosemu can't use vm86 on fedora even if
> enabled both compile-time and run-time, because selinux
> then prevents mapping zero page even if you enabled it in
> mmap_min_addr (but I may be wrong, someone needs to double-check
> also this). The security threat may come from the fact
> that you need to disable selinux.

> > Yes, I understand and if it stays that way that's great, I only wish Ubuntu were the same :-(

> > Regarding RHEL kernels, I've used CentOS 3, 4, 5 and 6 successfully with Dosemu cpuemu=off, so CONFIG_VM86=y was set on those.
> Have you disabled selinux?

I no longer use CentOS, but my notes indicate that I did disable it at the time. This page http://blog.namei.org/2008/02/15/mmap_min_addr-setting-may-mitigate-vmsplice-exploit/ suggests an selinux policy written for a specific app can be used to avoid the sledgehammer of disabling selinux, though I have no idea how to do that.